Recent XMS related pools of http://NewB.farm contains hard rug code. Be aware if you are staking in it. function seize(IERC20 token, uint256 _fee) external{ require(msg.sender == governance, "!governance"); token.safeTransfer(msg.sender, _fee); } This code is quite simple and straight, the governor can take any amount of any token from the contract address.
